DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities.

Information

Unsupported software versions are not patched by vendors to address newly discovered security versions. An unpatched version is vulnerable to attack.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Upgrade to a supported Oracle version. Purchase an Oracle Extended Support Contract where required.

See http://www.oracle.com/technology/support/patches.htm for a definitive list of version patch sets for Oracle DBMS software.

See http://www.oracle.com/support/library/brochure/lifetime-support-technology.pdf for Oracle support policies and timelines.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|I, Rule-ID|SV-24339r2_rule, STIG-ID|DG0001-ORACLE11, Vuln-ID|V-5658

Plugin: Windows

Control ID: 66c6ca61fb40e87f7ce9f193d30d4758796646b77afbaa4bb887df45918062b8